
Conversation

@adfoster-r7
Contributor

@adfoster-r7 adfoster-r7 commented Jan 28, 2026

Fixes a bug in Metasploit Pro that reported false positives for HTTP bruteforcing

Context: Our login scanners implement a pre-scan check for "Is this actually the software I think it is?"

There are two different APIs that people have followed:

# False => I found it
# String => Custom error message
def check_setup
  if i_found_the_thing
    return false
  end
  "Thing not found"
end

And:

# True => I found it
# False => I did not find it
def check_setup
  if i_found_the_thing
    return true
  end
  false
end

We've got 10 or so modules that implement pattern two out of 34 modules, and the rest implement pattern 1

This pull request aligns with pattern 1 and enforces this API with automated tests, which will make it easier to update in the future if we decide to update this API.

It also adds automated tests to ensure there's no more regressions in the API.

Verification

  • Static code review
  • Ensure CI passes
  • Ensure Metasploit Pro no longer reports false positives on successfully bruteforcing manage engine
  • Ensure Metasploit Pro no longer attempts to bruteforce services incorrectly:

before:

...
[*] [2026.01.28-14:48:38] 192.168.123.1:8000 (LoginScanner::AdvantechWebAccess) INCORRECT - foo:bar
[*] [2026.01.28-14:48:40] 192.168.123.1:8000 (LoginScanner::Caidao) INCORRECT - foo:bar
[*] [2026.01.28-14:48:41] 192.168.123.1:8000 (LoginScanner::CiscoFirepower) INCORRECT - foo:bar
[*] [2026.01.28-14:48:48] 192.168.123.1:8000 (LoginScanner::DirectAdmin) INCORRECT - foo:bar
[*] [2026.01.28-14:48:53] 192.168.123.1:8000 (LoginScanner::WowzaStreamingEngineManager) INCORRECT - foo:bar
[*] [2026.01.28-14:48:57] 192.168.123.1:8000 (LoginScanner::Nessus) INCORRECT - foo:bar
...

after:

...
[-] [2026.01.28-15:50:24] 192.168.123.1:8000 (LoginScanner::CiscoFirepower) - Unable to locate favicon in body. (Is this really CiscoFirepower?)
[-] [2026.01.28-15:50:24] 192.168.123.1:8000 (LoginScanner::SyncoveryFileSyncBackup) - Unable to locate "Syncovery" in body. (Is this really Syncovery?)
[-] [2026.01.28-15:50:25] 192.168.123.1:8000 (LoginScanner::WowzaStreamingEngineManager) - Unable to locate "Wowza Streaming Engine Manager" in body. (Is this really Wowza Streaming Engine Manager?)
[-] [2026.01.28-15:50:25] 192.168.123.1:8000 (LoginScanner::Caidao) - Unable to locate target extension in uri. (Is this really caidao?)
...
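The following is an added example, not code from this pull request or from the Metasploit framework. It models the pattern-1 `check_setup` contract the PR standardises on (false means "found", a String means "stop, here is why") alongside a pattern-2 scanner, and a minimal harness that only understands pattern 1, so the two failure modes behind the "before" log are visible: a pattern-2 `false` ("not found") is read as "found" and the harness proceeds against the wrong service, while a pattern-2 `true` is read as an error message and the real target is skipped. `Pattern1Scanner`, `Pattern2Scanner`, `harness_decision`, `conforms_to_pattern1?` and the HTTP bodies are all hypothetical, constructed stand-ins; no network request is made.

```ruby
# Added example, not code from the Metasploit pull request. It models the
# pattern-1 check_setup contract the PR standardises on (false => found,
# String => reason to stop) with hypothetical scanner classes and a
# hypothetical harness, using constructed HTTP bodies instead of live requests.

# Constructed response bodies (no network access is performed).
WOWZA_BODY = '<html><title>Wowza Streaming Engine Manager</title></html>'.freeze
OTHER_BODY = '<html><title>Some other admin console on port 8000</title></html>'.freeze

WOWZA_MARKER = 'Wowza Streaming Engine Manager'.freeze

# Hypothetical scanner following pattern 1:
#   false  => the response looks like the expected software, go ahead
#   String => human-readable reason the bruteforce should not run
class Pattern1Scanner
  def initialize(body)
    @body = body
  end

  def check_setup
    return false if @body.include?(WOWZA_MARKER)

    "Unable to locate \"#{WOWZA_MARKER}\" in body. (Is this really #{WOWZA_MARKER}?)"
  end
end

# Hypothetical scanner still on pattern 2 (true => found, false => not found),
# the convention the PR migrates away from.
class Pattern2Scanner
  def initialize(body)
    @body = body
  end

  def check_setup
    @body.include?(WOWZA_MARKER)
  end
end

# Hypothetical harness that only understands pattern 1. Any truthy value is
# treated as an error message and the scan is skipped; false means proceed.
# Returns [:attempt_login, nil] or [:skip, message] so the decision is testable.
def harness_decision(scanner)
  result = scanner.check_setup
  result ? [:skip, result] : [:attempt_login, nil]
end

# Conformance check in the spirit of the PR's automated tests: every
# check_setup result must be exactly false or a non-empty String.
def pattern1_result?(result)
  result == false || (result.is_a?(String) && !result.empty?)
end

def conforms_to_pattern1?(scanner_class)
  [WOWZA_BODY, OTHER_BODY].all? do |body|
    pattern1_result?(scanner_class.new(body).check_setup)
  end
end

if __FILE__ == $PROGRAM_NAME
  [Pattern1Scanner, Pattern2Scanner].each do |klass|
    puts "#{klass}: conforms=#{conforms_to_pattern1?(klass)}"
    [WOWZA_BODY, OTHER_BODY].each do |body|
      title = body[%r{<title>(.*)</title>}, 1]
      puts "  #{title} => #{harness_decision(klass.new(body)).inspect}"
    end
  end
end
```

Running the file prints one line per scanner and body. The pattern-2 scanner fails the conformance check, and against the non-Wowza body the harness returns `[:attempt_login, nil]` for it, which is the "INCORRECT - foo:bar" situation from the before log: credentials are tried against a service the scanner was never meant for.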

@adfoster-r7 adfoster-r7 added the rn-fix release notes fix label Jan 28, 2026
@adfoster-r7 adfoster-r7 force-pushed the align-login-scanner-apis branch from 6b940a8 to 8fe0d2d January 28, 2026 17:35
@adfoster-r7 adfoster-r7 marked this pull request as draft January 28, 2026 17:35
@adfoster-r7 adfoster-r7 force-pushed the align-login-scanner-apis branch from 8fe0d2d to e70483b January 29, 2026 14:13
@adfoster-r7 adfoster-r7 marked this pull request as ready for review January 29, 2026 14:17
@github-project-automation github-project-automation bot moved this from Todo to In Progress in Metasploit Kanban Jan 29, 2026
@dwelch-r7 dwelch-r7 merged commit 6fedaee into rapid7:master Jan 29, 2026
23 checks passed
@github-project-automation github-project-automation bot moved this from In Progress to Done in Metasploit Kanban Jan 29, 2026
@dwelch-r7
Contributor

Release Notes

Fixes a bug in Metasploit Pro that reported false positives for HTTP bruteforcing
